In this paper, the authors report a newly discovered "Off-path TCP sequence number inference" attack enabled by firewall middle-boxes. It allows an off-path (i.e., not man-in-the-middle) attacker to hijack a TCP connection and inject malicious content, effectively granting the attacker write-only permission on the connection. For instance, with the help of unprivileged malware, they demonstrate that a successful attack can hijack an HTTP session and return a phishing Facebook login page issued by a browser. With the same mechanisms, it is also possible to inject malicious Javascript to post tweets or follow other people on behalf of the victim.